At LogicMonitor, we believe our platform enables our customers to See More, Know More, and Do More, to keep up with the rapid pace of change in business today. The following is an interesting use case that illustrates how LogicMonitor can provide quick insight to enable modern IT teams to work proactively and perform at maximum operational efficiency.
Microsoft Active Directory is a key component of the IT infrastructure of any organization that uses Microsoft Windows servers or desktops. Active Directory is responsible for managing users, their accounts and their access to individual computers, shared drivers, printers, servers and more. From a user’s perspective, Active Directory’s single sign-on capability ensures that users do not have to remember and use different passwords for different types of accesses.
Microsoft Windows Azure Active Directory (Azure AD or AAD) is a cloud service that provides administrators with the ability to manage end-user identities and access privileges. When you use Office 365, Microsoft Azure, or Intune you are indirectly interacting with AAD which they use to manage all of their identities, authentication and permissions.
You may be familiar with Microsoft Active Directory as it is a mainstay in many business’s IT operations and is crucial to the security and functionality of your network. Active Directory was developed by Microsoft for their Windows Domain networks and was released back in 2000 along with Windows 2000. Active Directory has become an umbrella that contains their “directory-based identity-related services” and offers a range of capabilities.
For about 20 years now, Microsoft Active Directory has been the dominant directory service controlling user access to IT resources. IT administrators have probably all heard of someone complaining about lacking access to a desktop or server. But just a few years ago, that problem was much easier to solve than it is now. With changes in IT environments, managing Active Directory has gotten more challenging.
Since Active Directory is the foundation of all Windows networks, monitoring Active Directory needs to be part of any comprehensive security strategy. Up to version 3.5, EventSentry utilized Windows auditing and the security event log to provide reports on: User Account Changes, Group Changes and Computer Account Changes.
Our product development team has been focusing on correlation and threat intelligence features, with the goal of thwarting external breach attempts. This year, we built new capabilities, strengthened existing features, and enhanced the usability of the product.
